The UK Government has published its response to the consultation on its proposed reform of the UK’s data protection regime (which we have provided further information on in our previous legal update available here.) Whilst the UK Government has proposed several incremental reforms to the UK’s data protection laws that will diverge from the

On 25 May 2022, the European Commission published Questions and Answers for the New  Standard Contractual Clauses to provide practical guidance on the use of standard contractual clauses (SCCs) and help organisations with their General Data Protection Regulation (GDPR) compliance efforts. The Commission confirmed that the Q&A document will be regularly updated.

Continue reading.

On March 25, 2022, the United States and the European Union jointly announced an “agreement in principle” to a new trans-Atlantic data privacy framework to facilitate the cross-border transfer of personal data (the “Framework”).1 As part of the Framework, the US has made “unprecedented commitments” related to intelligence collection and surveillance practices.2 The

Today, 21 March 2022, the International Data Transfer Agreement (IDTA) and the UK Addendum to the EU standard contractual clauses have entered into force.

The IDTA and the UK Addendum can be used for transfers of personal data outside the UK to countries that are not considered “adequate” by the UK Government. You can read

The UK Online Safety Bill was proposed by the UK government to establish a new regulatory framework to tackle harmful content online and usher in a new age of accountability for tech companies. The bill will impose a duty of care on companies that offer user-generated content, in addition to search engines, to protect users

The General Data Protection Regulation (“GDPR”) might apply to operators of overseas websites that have even  minimal commercial activity in the UK following the judgment of the Court of Appeal of England and Wales in Soriano v Forensic News LLC and Others [2021] EWCA Civ 1952.

Operators of overseas online platforms, apps and

In this National Cybersecurity Awareness Month conversation, Mayer Brown lawyers from our global practice will discuss the latest legal trends and developments relating to cybersecurity in China, Europe and the UK. Topics will include:

  • The implications for international businesses seeking to comply with China’s new Data Security Law and Personal Information Protection Law in combination

Seitdem die Datenschutz-Grundverordnung in Kraft trat, stehen Entwickler und Forschende im Bereich der automatisierten und vernetzten Mobilität immer wieder vor schwierigen Fragestellungen:

  • Welche Daten lassen sich wie DSGVO-konform verarbeiten? Was ist erlaubt, was nicht?
  • Wie können diese Daten anderen zur Verfügung gestellt werden?
  • Welche Unterschiede gibt es hierbei zwischen Universitätsinstituten, öffentlichen Einrichtungen und Unternehmen?

Continue

Today, 28 June 2021, the European Commission formally adopted two adequacy decisions with respect of transferring personal data from the European Economic Area (the “EEA”) to the United Kingdom (the “UK”): one under the EU General Data Protection Regulation and one under the EU Law Enforcement Directive. The two decisions come into